| # fscrypt v2 ioctls are introduced to Chrome OS by kernel 5.4. Therefore adding |
| # those ioctls in the policy allowrules will be no-operation for devices with a |
| # lower kernel version. |
| # |
| # fscrypt ioctls are defined in |
| # /src/third_party/kernel/v5.4*/include/uapi/linux/fscrypt.h |
| define(`FS_IOC_SET_ENCRYPTION_POLICY', `0x00006613') |
| define(`FS_IOC_GET_ENCRYPTION_PWSALT', `0x00006614') |
| define(`FS_IOC_GET_ENCRYPTION_POLICY', `0x00006615') |
| define(`FS_IOC_GET_ENCRYPTION_POLICY_EX', `0x00006616') |
| define(`FS_IOC_ADD_ENCRYPTION_KEY', `0x00006617') |
| define(`FS_IOC_REMOVE_ENCRYPTION_KEY', `0x00006618') |
| define(`FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS', `0x00006619') |
| define(`FS_IOC_GET_ENCRYPTION_KEY_STATUS', `0x0000661A') |
| define(`FS_IOC_GET_ENCRYPTION_NONCE', `0x0000661B') |
| |
| # cryptohome specific ioctl to clear cached unencrypted user data on logout. |
| # Defined in src/third_party/kernel/v*/include/uapi/linux/fs.h |
| define(`FS_IOC_DROP_CACHE',`0x00006681') |
| |
| define(`FS_IOC_FSGETXATTR', `0x0000581F') |
| define(`FS_IOC_FSSETXATTR', `0x00005820') |
| |